A code of practice for the forthcoming Police National Database says that an audit trail will be created to tackle abuse.
Chief police officers will be responsible for auditing the activity of their own officers and no user should audit their own activities, says the document, presented to Parliament on 17 March 2010 by the …

Re: not enough coffee?

Audit trail

Newsflash - plod forced to add an audit trail! Excuse me - WTF.

How many systems do the plod have without a audit trail(s) plural. I thought all supposedly secure systems had multiple levels of audit trail. Also I would hope someone is reconciling these as part of a rolling security review.

Are you teling me the plod have yet to get their brains out of the 80's? Mind you given the salaries for plod IT jobs, "pay peanuts get monkeys" springs to mind. I am amazed they have not outsourced thier IT dev and support to one of the APNIC lands to save that bit more.

exactly my thoughts

Self-regulation rears its ugly head again (and again, and again...)

Oh great - the police once again being entrusted with the task of policing themselves.

I suppose one should take solace from the fact that at least it has been recognised that there is a need for an audit trail, albeit designed more to ensure compliance with the DPA than to combat abuse of the system.

You mean it doesn't already?

That's if the information has not bee deleted already

Note however that AFAIK anyone charged and sent for trial would have a file through the PNC system in any case. Given the UK police forces fondness for collecting data I *strongly* doubt that being acquitted at a trial is *anywhere* near enough to have their record removed from a PNC check.

This will also mean that all that "soft" intelligence or gossip, innuendo and malice, will about someone will be accessible nationwide.

Still good know it will have an audit trail. So if some vigilante group does burn a house because a mate in the force 2 counties away says someone reported that someone they knew said someone had been seen near a play ground they can find the plod to started it.

Data security. They've heard of it. Thumbs down because audit trails should be in from day 1.

Information Sharing, Huh?

Hmnnn, one wonders how effective the PND will be at its stated purpose of "information sharing". The political and technical barriers to individual forces uploading data are already quite high:

* Reluctance to expose "interesting" or "sensitive" data to other forces, in case it is "misused" by other forces, or simply upsets long-running operations (you don't really want somebody you have been following for months arrested by a neighbouring force on a minor offence, do you?)

* Reluctance to expose poor-quality data for risk of embarrassment or ridicule by other forces (or worse, the attention of professional standards or HMIC).

* Difficulty of meeting the onerous technical requirements of the interface specification for uploading information to PND.

So how much really useful data will end up in PND? I suspect a minor fraction of what is actually available, seriously restricting its value for intelligence purposes.

Then, each individual force will apply its own access control policies on their uploaded information. Given the lack of standardisation of working practices across the forces, these policies are all going to be subtly different, which means that visibility of information will vary from force to force. Any query across information from multiple forces is therefore going to deliver inconsistent results. How users and intelligence analysts will make sense of this is anybody's guess.

The implementation of the centralised security model is also going to be incredibly difficult and complex, because it will actually be an amalgam of 43 different security policies, one for each force (and not counting the national agencies, of course). How likely is it that the implementation of such an access control model is going to be correct, with no weaknesses or security holes?

The PND also seems to confuse the needs for the search and sharing of intelligence information (the original and primary driver for PND) with the simpler information access needs for operational policing (that is, the future replacement of PNC). It would probably have been better to create two separate systems to deal with these two very different sets of requirements.

Surely, for the search and sharing of intelligence information, a federated approach would have been better, one based on modern web search technology:

* Allow each force to host their own portion of the PND in a simple web system, defining their own upload and access control policies.

* Use a simple set of media types for information storage, loosely typed and encouraging information upload.

* Make sense of the data using modern web search tools based on Information Retrieval (IR) technology.

As well as encouraging "buy in" and "ownership" by forces, such a system is also likely to be easier to manage and far more resilient and secure than any centralised PND.

This is a classic example of how the design of a computer system needs to mirror the operating model of the organisation. Without the political will to actually merge them, if you have 43 separate police forces, the chances are that you need a system consisting of 43 times "something". My vote would be for a simple federated system made up of 43 identical parts, rather than one centralised system that is perhaps 43 times more complex than it needs to be!

I know a federated approach was tried several years ago, but failed due to the wrong technology choices and poor implementation, but today we have a much better understanding of how to make Internet-scale web search systems work. The public sector's reliance on large, centralised databases using (relatively) old-fashioned technology approaches is astounding. For how long will government continue to ignore what the private sector has learned about technology implementation and about web systems in particular?

I'd worry about security before that, and resilience etc. needs more than web server & cacheing considered. Actually, I'd worry about the people side of things first, from developers to managers to users. They're always the weak point.

So

Another contract for ACPO? Well after all, like with all the other inevitabilities of the intrusive, anti-democratic, proto-totalitarian legislation of the Blair/Brown/Campbell/Mandelson years that the average voter or abstainer refuse to believe could ever happen here, it isn't so hard to imagine a not-too-distant UK in which ACPO runs the police in a PPP (and as with any PPP, it goes entirely commercial the moment it shows a profit - well, if you pretend it isn't being subsidised by the tax payer, that is).

"As the PND develops, the code will be updated by the NPIA."

The NPIA is a wholly owned subsidiary of ACPO Ltd, the private limited company that brags about being the equal of a democratically elected government [see the box towards the top right of the front page at www.acpo.police.uk].

Some inside track

Having worked at a company for 7 years that produces database software for the UK Police and Internationally (and not a small player at that), I can tell you that amongst the big things you HAVE to do for any database is be able to audit who/what/where/when of what the people are doing. The storage of that audit information is required to be transparent to the person using the database, and for people with audit viewing permissions, be relatively easy for them to interrogate that database. Oh and the audit viewing actions should also be audited as well :-)

It still fails me that they couldn't look above the border and see how things work in the national Scottish database!